undefined | Better HN

0 pointsdonmcronald5mo ago0 comments

Your untampered device will be enrolled with a verified ID provider and they’ll be part of the attestation. The tamper resistance hardware benefits from decades of hacking. Plus you’re not talking about things like compromising a single long lived key or similar like you could with physical media or players.

We’ll probably get to the point where you need a verified id to buy a phone that does attestation. Tamper with it and go to jail. Who’s going to hack that?

0 comments

iamnothere5mo ago

Even if things get that locked down, I suspect that leaked attestation keys and fake/stolen ID verification will always be a problem. There’s a lot of money to be made in this, and someone will inevitably decide not to leave that money on the table, legality be damned. This risk only goes up with manufacturing that crosses borders, and despite the push to renationalize production, it’s going to be a long time before that is feasible at a mass scale.

A small, hardly exclusive list of things we have been unable to protect through technology:

- DVD/Blu Ray/HDMI copy protection

- Windows product registration

- Device jailbreaking (manufacturers are constantly running to keep ahead of this but old versions are frequently unlocked even with iOS)

- Classified diplomatic documents

- Classified details of warfighting equipment

- Identities of federal employees (and even covert agents)

- Nuclear secrets

Technical measures aren’t always the weak point—bribery works just as well. As the US tech stack continues to decouple from China, they will also have the motivation to break our systems.

pseudalopex5mo ago

There is more money to be made selling exploits to criminals or states than selling false attestation or jailbreak to the public.

iOS jailbreak enthusiasts say it wasn't practical since years.

Some state secrets leaked. Many did not.

j / k navigate · click thread line to collapse